Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/MKUiTX40mHZzXKQ8ksHzCYQPfk0.roa
File: MKUiTX40mHZzXKQ8ksHzCYQPfk0.roa (raw, json)
Hash identifier: YSglGr0C+AmOaZ1dmdYIzd3/jmlqdzpDbv3A08pvWUk=
Subject key identifier: 30:A5:22:4D:7E:34:98:76:73:5C:A4:3C:92:C1:F3:09:84:0F:7E:4D
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 0191F3D1A64594465F84E348E2797A02ECD8
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/MKUiTX40mHZzXKQ8ksHzCYQPfk0.roa
Signing time: Sun 15 Sep 2024 03:54:48 +0000
ROA not before: Sun 15 Sep 2024 03:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 141718
IP address blocks: 45.155.90.0/24 maxlen: 24
45.155.226.0/24 maxlen: 24
45.156.223.0/24 maxlen: 24
103.211.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Sep 2024 03:32:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f3:d1:a6:45:94:46:5f:84:e3:48:e2:79:7a:02:ec:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Sep 15 03:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30a5224d7e349876735ca43c92c1f309840f7e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c3:f9:aa:e9:49:98:a1:88:08:8d:fb:d7:44:
7c:74:d4:c9:ee:0c:06:72:d0:bc:6d:1a:b7:0b:97:
cd:38:cc:a4:8b:51:83:68:77:a7:38:b2:70:22:59:
2e:ed:da:67:23:c5:2b:2f:af:00:32:ce:26:22:d2:
cb:b9:71:fd:6b:54:69:0f:20:b7:e6:b5:50:2d:45:
80:db:25:c2:bf:f2:21:3b:8f:02:76:fe:1c:7d:c2:
58:35:d2:77:1c:10:e4:f6:dc:05:fc:c7:40:37:88:
e0:f7:96:87:10:84:eb:f3:0e:4e:15:06:86:8b:9c:
78:fe:19:5b:40:d7:d3:10:a7:5e:27:8d:d5:6e:81:
a1:d6:83:f9:a7:0e:a0:f0:bf:f9:70:44:54:35:14:
35:37:c9:03:40:9c:33:f1:0e:05:a1:7f:6a:4f:91:
ab:8e:28:1f:88:2a:35:57:0f:21:ac:40:ca:fe:d2:
e5:7d:86:1e:7e:c3:5f:03:ef:1a:84:d5:37:07:b4:
7b:db:f7:f5:4a:60:b1:2e:3b:89:32:c0:b7:4c:6f:
f1:de:7a:8b:c3:05:a7:11:2e:3c:af:e7:fb:8b:2c:
6c:34:82:26:0f:cd:f7:ab:10:87:8b:23:4c:87:38:
45:00:cd:43:0e:10:70:b0:74:e5:30:e1:3f:a7:cc:
27:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A5:22:4D:7E:34:98:76:73:5C:A4:3C:92:C1:F3:09:84:0F:7E:4D
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/MKUiTX40mHZzXKQ8ksHzCYQPfk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.90.0/24
45.155.226.0/24
45.156.223.0/24
103.211.103.0/24
Signature Algorithm: sha256WithRSAEncryption
00:d3:8f:2e:86:57:5b:01:3a:21:bf:61:14:aa:78:0a:95:f2:
61:d3:37:c5:f9:10:ca:e1:8b:58:e3:2a:9c:5d:31:4e:46:a4:
3c:70:2a:d3:90:5a:1a:b7:b9:55:b1:ac:72:91:03:a5:26:e0:
82:3f:e4:4c:c8:0f:23:fb:85:3e:e0:71:9c:aa:18:5f:43:09:
be:05:d1:9e:2c:78:c6:3e:97:af:15:4f:8b:8c:cb:8e:3b:3f:
98:b5:3b:df:6f:d7:41:fe:09:a9:5e:0c:8a:6b:63:2b:70:c3:
1c:57:e5:72:09:09:58:3b:32:47:3e:eb:c6:69:e5:90:e0:eb:
29:1e:62:cd:e3:56:85:40:c8:28:38:30:3b:cb:89:cb:17:cb:
c4:fb:fc:84:97:dd:a3:1c:a3:30:26:76:8c:c8:95:d6:4b:27:
fa:5b:02:ff:06:42:cb:2a:be:0e:15:ea:14:7b:a3:25:ab:1f:
6c:f8:ce:11:52:80:ee:03:63:f4:b6:64:e1:c8:09:62:e0:88:
cd:3c:8c:13:36:31:8f:62:f7:39:58:19:c2:f6:af:9f:84:af:
b7:98:e0:54:d1:ee:5e:93:4b:1c:df:7b:16:f5:0c:c6:b5:ad:
b6:c7:77:46:a2:ba:2f:9c:49:11:d8:8e:9e:9a:1c:fc:b0:60:
13:83:2d:2f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZHz0aZFlEZfhONI4nl6AuzYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwOTE1MDM1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGE1MjI0ZDdlMzQ5ODc2NzM1Y2E0M2M5MmMxZjMwOTg0MGY3ZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsP5qulJmKGICI3710R8dNTJ7gwG
ctC8bRq3C5fNOMyki1GDaHenOLJwIlku7dpnI8UrL68AMs4mItLLuXH9a1RpDyC3
5rVQLUWA2yXCv/IhO48Cdv4cfcJYNdJ3HBDk9twF/MdAN4jg95aHEITr8w5OFQaG
i5x4/hlbQNfTEKdeJ43VboGh1oP5pw6g8L/5cERUNRQ1N8kDQJwz8Q4FoX9qT5Gr
jigfiCo1Vw8hrEDK/tLlfYYefsNfA+8ahNU3B7R72/f1SmCxLjuJMsC3TG/x3nqL
wwWnES48r+f7iyxsNIImD833qxCHiyNMhzhFAM1DDhBwsHTlMOE/p8wnIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDClIk1+NJh2c1ykPJLB8wmED35NMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvTUtVaVRYNDBtSFp6WEtROGtzSHpDWVFQZmswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZtaAwQA
LZviAwQALZzfAwQAZ9NnMA0GCSqGSIb3DQEBCwUAA4IBAQAA048uhldbATohv2EU
qngKlfJh0zfF+RDK4YtY4yqcXTFORqQ8cCrTkFoat7lVsaxykQOlJuCCP+RMyA8j
+4U+4HGcqhhfQwm+BdGeLHjGPpevFU+LjMuOOz+YtTvfb9dB/gmpXgyKa2MrcMMc
V+VyCQlYOzJHPuvGaeWQ4OspHmLN41aFQMgoODA7y4nLF8vE+/yEl92jHKMwJnaM
yJXWSyf6WwL/BkLLKr4OFeoUe6Mlqx9s+M4RUoDuA2P0tmThyAli4IjNPIwTNjGP
Yvc5WBnC9q+fhK+3mOBU0e5ek0sc33sW9QzGta22x3dGorovnEkR2I6emhz8sGAT
gy0v
-----END CERTIFICATE-----
Generated at Thu Sep 19 07:24:02 2024 by rpki-client on console-ams.rpki-client.org